Linux kernel development work - see feature branches https://git.zx2c4.com/linux-dev/atom/drivers/char/tpm?h=master 2022-10-10T20:09:33Z 2022-10-10T20:09:33Z Linus Torvalds torvalds@linux-foundation.org 2022-10-10T20:09:33Z urn:sha1:ada3bfb6492a6d0d3eca50f3b61315fe032efc72 Pull tpm updates from Jarkko Sakkinen: "Just a few bug fixes this time" * tag 'tpmdd-next-v6.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd: selftest: tpm2: Add Client.__del__() to close /dev/tpm* handle security/keys: Remove inconsistent __user annotation char: move from strlcpy with unused retval to strscpy 2022-10-04T21:25:56Z Wolfram Sang wsa+renesas@sang-engineering.com 2022-08-18T20:59:59Z urn:sha1:e174b1273ef97d090ef85cb09a6bfdc10ea8dcf6 Follow the advice of the below link and prefer 'strscpy' in this subsystem. Conversion is 1:1 because the return value is not used. Generated by a coccinelle script. Link: https://lore.kernel.org/r/CAHk-=wgfRnXz0W3D37d01q3JFkr_i_uTL=V6A6G1oUZcprmknw@mail.gmail.com/ Signed-off-by: Wolfram Sang <wsa+renesas@sang-engineering.com> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> 2022-08-16T10:46:26Z Uwe Kleine-König u.kleine-koenig@pengutronix.de 2022-08-15T08:02:30Z urn:sha1:ed5c2f5fd10dda07263f79f338a512c0f49f76f5 The value returned by an i2c driver's remove function is mostly ignored. (Only an error message is printed if the value is non-zero that the error is ignored.) So change the prototype of the remove function to return no value. This way driver authors are not tempted to assume that passing an error to the upper layer is a good idea. All drivers are adapted accordingly. There is no intended change of behaviour, all callbacks were prepared to return 0 before. Reviewed-by: Peter Senna Tschudin <peter.senna@gmail.com> Reviewed-by: Jeremy Kerr <jk@codeconstruct.com.au> Reviewed-by: Benjamin Mugnier <benjamin.mugnier@foss.st.com> Reviewed-by: Javier Martinez Canillas <javierm@redhat.com> Reviewed-by: Crt Mori <cmo@melexis.com> Reviewed-by: Heikki Krogerus <heikki.krogerus@linux.intel.com> Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Acked-by: Marek Behún <kabel@kernel.org> # for leds-turris-omnia Acked-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Reviewed-by: Petr Machata <petrm@nvidia.com> # for mlxsw Reviewed-by: Maximilian Luz <luzmaximilian@gmail.com> # for surface3_power Acked-by: Srinivas Pandruvada <srinivas.pandruvada@linux.intel.com> # for bmc150-accel-i2c + kxcjk-1013 Reviewed-by: Hans Verkuil <hverkuil-cisco@xs4all.nl> # for media/* + staging/media/* Acked-by: Miguel Ojeda <ojeda@kernel.org> # for auxdisplay/ht16k33 + auxdisplay/lcd2s Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com> # for versaclock5 Reviewed-by: Ajay Gupta <ajayg@nvidia.com> # for ucsi_ccg Acked-by: Jonathan Cameron <Jonathan.Cameron@huawei.com> # for iio Acked-by: Peter Rosin <peda@axentia.se> # for i2c-mux-*, max9860 Acked-by: Adrien Grassein <adrien.grassein@gmail.com> # for lontium-lt8912b Reviewed-by: Jean Delvare <jdelvare@suse.de> # for hwmon, i2c-core and i2c/muxes Acked-by: Corey Minyard <cminyard@mvista.com> # for IPMI Reviewed-by: Vladimir Oltean <olteanv@gmail.com> Acked-by: Dmitry Torokhov <dmitry.torokhov@gmail.com> Acked-by: Sebastian Reichel <sebastian.reichel@collabora.com> # for drivers/power Acked-by: Krzysztof Hałasa <khalasa@piap.pl> Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de> Signed-off-by: Wolfram Sang <wsa@kernel.org> 2022-08-03T20:56:20Z Mårten Lindahl marten.lindahl@axis.com 2022-08-01T13:57:03Z urn:sha1:863ed94c589fcd1984f4e3080f069d30508044bb In commit 0aa698787aa2 ("tpm: Add Upgrade/Reduced mode support for TPM2 modules") it was said that: "If the TPM is in Failure mode, it will successfully respond to both tpm2_do_selftest() and tpm2_startup() calls. Although, will fail to answer to tpm2_get_cc_attrs_tbl(). Use this fact to conclude that TPM is in Failure mode." But a check was never added in the commit when calling tpm2_get_cc_attrs_tbl() to conclude that the TPM is in Failure mode. This commit corrects this by adding a check. Fixes: 0aa698787aa2 ("tpm: Add Upgrade/Reduced mode support for TPM2 modules") Cc: stable@vger.kernel.org # v5.17+ Signed-off-by: Mårten Lindahl <marten.lindahl@axis.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> 2022-08-03T20:56:20Z Yang Li yang.lee@linux.alibaba.com 2022-07-01T09:13:22Z urn:sha1:ffd056fa31779756d7146fb17325fb7872c98812 Eliminate the following coccicheck warning: ./drivers/char/tpm/tpm_tis_i2c.c:379:3-8: No need to set .owner here. The core will do it. Remove .owner field if calls are used which set it automatically Signed-off-by: Yang Li <yang.lee@linux.alibaba.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> 2022-08-03T20:56:20Z Alexander Steffen Alexander.Steffen@infineon.com 2022-06-08T17:31:13Z urn:sha1:bbc23a07b0728c820d665d0054b2e2a6d01f0a98 Implement the TCG I2C Interface driver, as specified in the TCG PC Client Platform TPM Profile (PTP) specification for TPM 2.0 v1.04 revision 14, section 8, I2C Interface Definition. This driver supports Guard Times. That is, if required by the TPM, the driver has to wait by a vendor-specific time after each I2C read/write. The specific time is read from the TPM_I2C_INTERFACE_CAPABILITY register. Unfortunately, the TCG specified almost but not quite compatible register addresses. Therefore, the TIS register addresses need to be mapped to I2C ones. The locality is stripped because for now, only locality 0 is supported. Add a sanity check to I2C reads of e.g. TPM_ACCESS and TPM_STS. This is to detect communication errors and issues due to non-standard behaviour (E.g. the clock stretching quirk in the BCM2835, see 4dbfb5f4401f). In case the sanity check fails, attempt a retry. Co-developed-by: Johannes Holland <johannes.holland@infineon.com> Signed-off-by: Johannes Holland <johannes.holland@infineon.com> Co-developed-by: Amir Mizinski <amirmizi6@gmail.com> Signed-off-by: Amir Mizinski <amirmizi6@gmail.com> Signed-off-by: Alexander Steffen <Alexander.Steffen@infineon.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> 2022-08-03T20:56:19Z Alexander Steffen Alexander.Steffen@infineon.com 2022-06-08T17:31:12Z urn:sha1:f25534a68b8e1ed8266d23b464a3b512364b124d Some TPMs, e.g. those implementing the I2C variant of TIS, can verify data transfers to/from the FIFO with a CRC. The CRC is calculated over the entirety of the FIFO register. Since the phy_ops layer is not aware when the core layer is done reading/writing the FIFO, CRC verification must be triggered from the core layer. To this end, add an optional phy_ops API call. Co-developed-by: Johannes Holland <johannes.holland@infineon.com> Signed-off-by: Johannes Holland <johannes.holland@infineon.com> Signed-off-by: Alexander Steffen <Alexander.Steffen@infineon.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> 2022-08-03T20:56:19Z Stefan Mahnke-Hartmann stefan.mahnke-hartmann@infineon.com 2022-06-03T08:41:58Z urn:sha1:5e3a3f27cbded417e6d1ea2bb9739b572c09580e In case a TPM in failure mode is detected, the TPM should be accessible through a transparent communication channel for analysing purposes (e.g. TPM_GetTestResult) or a field upgrade. Since a TPM in failure mode has similar reduced functionality as in field upgrade mode, the flag TPM_CHIP_FLAG_FIRMWARE_UPGRADE is also valid. As described in TCG TPM Main Part1 Design Principles, Revision 116, chapter 9.2.1. the TPM also allows an update function in case a TPM is in failure mode. If the TPM in failure mode is detected, the function tpm1_auto_startup() sets TPM_CHIP_FLAG_FIRMWARE_UPGRADE flag, which is used later during driver initialization/deinitialization to disable functionality which makes no sense or will fail in the current TPM state. The following functionality is affected: * Do not register TPM as a hwrng * Do not get pcr allocation * Do not register sysfs entries which provide information impossible to obtain in limited mode Signed-off-by: Stefan Mahnke-Hartmann <stefan.mahnke-hartmann@infineon.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> 2022-05-24T20:16:50Z Linus Torvalds torvalds@linux-foundation.org 2022-05-24T20:16:50Z urn:sha1:7cf6a8a17f5b134b7e783c2d45c53298faef82a7 Pull tpm updates from Jarkko Sakkinen: - Tightened validation of key hashes for SYSTEM_BLACKLIST_HASH_LIST. An invalid hash format causes a compilation error. Previously, they got included to the kernel binary but were silently ignored at run-time. - Allow root user to append new hashes to the blacklist keyring. - Trusted keys backed with Cryptographic Acceleration and Assurance Module (CAAM), which part of some of the new NXP's SoC's. Now there is total three hardware backends for trusted keys: TPM, ARM TEE and CAAM. - A scattered set of fixes and small improvements for the TPM driver. * tag 'tpmdd-next-v5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd: MAINTAINERS: add KEYS-TRUSTED-CAAM doc: trusted-encrypted: describe new CAAM trust source KEYS: trusted: Introduce support for NXP CAAM-based trusted keys crypto: caam - add in-kernel interface for blob generator crypto: caam - determine whether CAAM supports blob encap/decap KEYS: trusted: allow use of kernel RNG for key material KEYS: trusted: allow use of TEE as backend without TCG_TPM support tpm: Add field upgrade mode support for Infineon TPM2 modules tpm: Fix buffer access in tpm2_get_tpm_pt() char: tpm: cr50_i2c: Suppress duplicated error message in .remove() tpm: cr50: Add new device/vendor ID 0x504a6666 tpm: Remove read16/read32/write32 calls from tpm_tis_phy_ops tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe() tpm/tpm_ftpm_tee: Return true/false (not 1/0) from bool functions certs: Explain the rationale to call panic() certs: Allow root user to append signed hashes to the blacklist keyring certs: Check that builtin blacklist hashes are valid certs: Make blacklist_vet_description() more strict certs: Factor out the blacklist hash creation tools/certs: Add print-cert-tbs-hash.sh 2022-05-23T15:47:50Z Stefan Mahnke-Hartmann stefan.mahnke-hartmann@infineon.com 2022-05-13T13:41:53Z urn:sha1:af402ee3c045b0cbd10b7e66d2431304ac9e69bb TPM2_GetCapability with a capability that has the property type value of TPM_PT_TOTAL_COMMANDS returns a zero length list, when an Infineon TPM2 is in field upgrade mode. Since an Infineon TPM2.0 in field upgrade mode returns RC_SUCCESS on TPM2_Startup, the field upgrade mode has to be detected by TPM2_GetCapability. Signed-off-by: Stefan Mahnke-Hartmann <stefan.mahnke-hartmann@infineon.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>